Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
GLOBECOM
2008
IEEE
2008
IEEE
Bypassing Security Toolbars and Phishing Filters via DNS Poisoning
—Security toolbars are used to protect naive users against phishing attacks by displaying warnings on suspicious sites. Recently, web browsers have added built-in phishing filters mimicking the same functionality to detect phishing sites. The present study proposes a new attack to bypass security toolbars and phishing filters via DNS poisoning. Spoofed DNS cache entries are used to forge the results provided to security toolbars and thus misleading information is displayed to the victim. Although there are several studies that demonstrate DNS poisoning attacks, none to our best knowledge, investigate whether such attacks can circumvent security toolbars or phishing filters. Four well-known security toolbars and three reputable browser builtin phishing filters are scrutinized. None of the seven tools detect the attack. Worse still, security toolbars provide the victim with false confirmative indicators that the phishing site is legitimate.
Real-time Traffic| Added | 09 Nov 2010 |
| Updated | 09 Nov 2010 |
| Type | Conference |
| Year | 2008 |
| Where | GLOBECOM |
| Authors | Saeed Abu-Nimeh, Suku Nair |
Comments (0)
Researcher Info
|
